| Message ID | 20171213193150.2012-1-juhosg@freemail.hu |
|---|---|
| State | Accepted |
| Delegated to: | John Crispin |
| Headers | show |
| Series | [LEDE-DEV] ar71xx: fix invalid pointer dereference in c60_nand_scan_fixup() | expand |
On Wednesday, December 13, 2017 8:31:50 PM CET Gabor Juhos wrote: > Since Linux 4.6, mtd->priv no longer points to the NAND specific > structure. Under 4.9 it contains NULL, thus using it to access > the fields of the nand_chip structure causes an invalid pointer > dereference. > > Update the code to use the mtd_to_nand() helper under 4.9 to obtain > the address of the chip specific data. > > Compile tested only. > > Fixes: 7bbf4117c6fe ("ar71xx: Add kernel 4.9 support") > Signed-off-by: Gabor Juhos <juhosg@freemail.hu> Tested-by: Christian Lamparter <chunkeey@gmail.com> Yep, it boots on my unit. Kernel is: Linux c-60 4.9.67 "OpenWrt SNAPSHOT, r5518+1-bfa42ef8f5" Thanks
Hi Christian, 2017.12.14. 17:07 keltezéssel, Christian Lamparter írta: > On Wednesday, December 13, 2017 8:31:50 PM CET Gabor Juhos wrote: > >> Since Linux 4.6, mtd->priv no longer points to the NAND specific > >> structure. Under 4.9 it contains NULL, thus using it to access > >> the fields of the nand_chip structure causes an invalid pointer > >> dereference. > >> > >> Update the code to use the mtd_to_nand() helper under 4.9 to obtain > >> the address of the chip specific data. > >> > >> Compile tested only. > >> > >> Fixes: 7bbf4117c6fe ("ar71xx: Add kernel 4.9 support") > >> Signed-off-by: Gabor Juhos <juhosg@freemail.hu> > > Tested-by: Christian Lamparter <chunkeey@gmail.com> > > > > Yep, works on my C-60. Great. Thanks for testing! -Gabor > > > > Kernel is: Linux c-60 4.9.67 > > "OpenWrt SNAPSHOT, r5518+1-bfa42ef8f5" > > Thanks >
diff --git a/target/linux/ar71xx/files/arch/mips/ath79/mach-c60.c b/target/linux/ar71xx/files/arch/mips/ath79/mach-c60.c index 7b01af515b..144f5db740 100644 --- a/target/linux/ar71xx/files/arch/mips/ath79/mach-c60.c +++ b/target/linux/ar71xx/files/arch/mips/ath79/mach-c60.c @@ -180,7 +180,11 @@ static const struct mtd_ooblayout_ops c60_nand_ecclayout_ops = { static int c60_nand_scan_fixup(struct mtd_info *mtd) { +#if LINUX_VERSION_CODE < KERNEL_VERSION(4,6,0) struct nand_chip *chip = mtd->priv; +#else + struct nand_chip *chip = mtd_to_nand(mtd); +#endif chip->ecc.size = 512; chip->ecc.strength = 4;
Since Linux 4.6, mtd->priv no longer points to the NAND specific structure. Under 4.9 it contains NULL, thus using it to access the fields of the nand_chip structure causes an invalid pointer dereference. Update the code to use the mtd_to_nand() helper under 4.9 to obtain the address of the chip specific data. Compile tested only. Fixes: 7bbf4117c6fe ("ar71xx: Add kernel 4.9 support") Signed-off-by: Gabor Juhos <juhosg@freemail.hu> --- target/linux/ar71xx/files/arch/mips/ath79/mach-c60.c | 4 ++++ 1 file changed, 4 insertions(+)